This additional input will be unused for now, but future changes are
expected to utilize it.
Test: Keystore CTS Tests
Change-Id: I5c388032e3710e3825bdb06b26443a5ae2c034a3
BlockingQueue does not accept null values, change to CountDownLatch for
synchronization.
Bug: 144477553
Test: Enable multiple managed profiles, and run
`atest UserLifecycleTests#managedProfileStopped`
Change-Id: I1a003568896ce7983a5ac14a710944d914c86bac
Two @SystemApi's being added to allow wifi mainline module to access
formal API's:
a) KeyGenParameterSpec.Builder.setUid() to allow wifi to create/store keys
with WIFI_UID.
b) AndroidKeyStoreProvider.getKeyStoreForUid() to allow wifi to get/put
any keys stored with WIFI_UID.
Both of these API's are already permission protected in the lower
layers. There is a map of euid's stored in the native keystore which
limits which uid is allowed to access which other uid's data.
Bug: 142089671
Test: make system-api-stubs-docs-update-current-api
Change-Id: I39b92d2293bcdc26bb0a4a48a1d1e4cc0b20ad0b
In order to keep conformity across the ecosystem, keystore will enforce
that HMAC key sizes coming in through the framework must be limited to
the range of 64-512 bits, inclusive. This will be the case for both TEE
and StrongBox Keymaster implementations.
Bug: 143404829
Test: atest CtsKeystoreTestCases
Change-Id: I2ea867392060f4478b5a01bd747a4345e1fded4c
TrustManagerService holds the ground truth about whether a user is
locked or not, so update keystore using the information there,
instead of doing it from KeyguardStateMonitor. This fixes the issue
of work profile locked state not being correctly pushed to keystore.
Note: since this change is likely to be backported as a security
patch, I'm refraining from doing major refactoring right now.
Bug: 141329041
Test: manually with KeyPairSampleApp
Change-Id: I3472ece73d573a775345ebcceeeb2cc460374c9b
This is part of the changes to improve the UX and language for installing certificates.
Previously, the different types of certificate used the same installation flow. This CL
introduces a new settings page, where the type of certificate to be installed can be selected.
Bug: 139173976
Test: Atest com.android.settings.security
manual testing from Settings by selecting the certificate type
preference and ensuring the installation flow still worked as expected.
Change-Id: I6e0606b00c5f684571ffbd903b9cf55c6911fd0f
Binding to keychain can fail, for example when the target user
is being removed. Handle this case gracefully and do not block
the system server.
Bug: 139554671
Test: none
Change-Id: Ib68c873e367428b82f3cb2a81cafe1a59776336c
Add KEY_ALIAS_SELECTION_DENIED contant to flag that no private key alias has
been chosen in onChoosePrivateKeyAlias, but no KeyChainActivity selection dialog
should be presented to the user.
Bug: 136649900
Test: run cts --test MixedManagedProfileOwnerTest#testDelegationCertSelection
Change-Id: I9aeea7be0c2a6172ca054f91d49183c843ecfa6e
Introduce a new API to request use of individual attestation
certificate for attesting keys generated by the
DevicePolicyManager.generateKeyPair method.
It builds on existing device ID attestation capabilities in two ways:
(1) Eligibility check: Assuming similar privacy requirements for the use
of individual attestation certificates, enforce the same conditions
for using them as the conditions for requesting device identifiers
in the attestation record.
(2) Keymaster interaction: Passing the right Keymaster tag to the
attestKey call, which is easily done in AttestationUtils.
Bug: 136494773
Test: CTS test to be added.
Change-Id: Idb5cee66d986a521c17e1955532d0bfae66c035d
Unify the manual certificate installation flow (via "Install from
storage" in the Settings app) with the programmatic one (using
DevicePolicyManager.installKeyPair).
The unification is achieved by extending the KeyChainService API to take
in the UID for which the key is designated (so WiFi keys can be
installed with the unified flow), and making the CredentialStorage
activity call the KeyChainService rather than poke into Keystore
directly.
Framework-related changes to support this:
* Add new constant for specifying the key alias as an extra to the
install activity, and remove obsolete constants from the Credentials
class.
* Make KeyChainService definition include key destination UID.
* Make the call to KeyChainService.installKeyPair from the
DevicePolicyManagerService specify the "self" UID.
Test: Manual CtsVerifier tests: KeyChain Storage Test, CA Cert Notification Test
Test: cts-tradefed run commandAndExit cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement
Bug: 138375478
Change-Id: Ib317f85fa6719c70ee3b1da4255c44754fbfa789
Make AttestedKeyPair c'tor accept a List<Certificate> rather than
Certificate[] to match the getter method on this class.
To make it easier to use this class from other framework code I've
re-instantiated the c'tor with a certificate array which will
convert the array to a list.
Bug: 139092002
Test: cts-tradefed run commandAndExit cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement
Change-Id: Ie80dcb28f112efa89d3cc6fdceb1b9e5e26c58b1
Make the constructor for AttestedKeyPair public so instances of it can
be created for testing.
Bug: 138409426
Test: That it compiles
Change-Id: Iab8fbf1ad2293a91347701eb67631a8f3a3bd3fa
There's a long-standing bug (since ~Marshmallow) that causes
AndroidKeyStore to truncate large (>64 KiB) blocks of data. This can
be avoided by callers by processing data in smaller chunks, and
smaller chunks are more memory-efficient while not being much (if any)
more time-efficient. But, Keystore should handle large blocks
correctly. This CL adds a test to all block cipher tests that
attempts to encrypt and then decrypt a 100 KiB block.
Bug: 123391046
Test: CtsKeystoreTestCases
Change-Id: I0c0286fd5360d4fe62cbd8130aa0c17f97318801
Since keystore accepts asynchronous requests it may be that apps wait
forever if keystore dies. This patch adds a death recipient to all
keystore promises so that Keystore.java gets notified when keystore
dies.
Test: atest android.keystore.cts
Bug: 111443219
Bug: 128991260
Change-Id: Ie6e4a4f371287f83a2cdf4069d5686c67d8aebc1
Files failing automerge from AOSP.
See build/soong/README.md for more information.
Bug: 122332340
Test: treehugger
Change-Id: I92f7584aeaf502336f67e04fbc22634784c9305d
This is useful when the caught exceptions are not informative and they
act as a red herring in the adb logs.
Bug:109791294
Test: call this method in the VpnSettings and manually navigate to
adding a new VPN by searching for VPN in settings and then pressing '+'.
Change-Id: I4bc86e3ea5b11027090fd3a27dc7455557cf66ab
Merged-In: I4bc86e3ea5b11027090fd3a27dc7455557cf66ab
If a certificate is self signed, then currently KeyStore will still
attempt to find the CA certificate. When it obviously fails to find it,
a key not found exception is propagated up and thrown. This CL
suppresses that exception, as it seems to exclusively be thrown in this
condition, which is WAI. Having the stack trace show up can be very
misleading to developers.
Test: atest cts/tests/tests/keystore/src/android/keystore/cts
Change-Id: I192f54d3d8355c183e830ab09314932e8800f7ed
Mark the c'tor parameters as nullable to comply with Exception's
behaviour.
Bug: 126702366
Test: That it compiles
Change-Id: I96a7c03cb79e7180872de02bee143b67f7a408ec
If they were null, then the Parcelable would fail to work.
Bug: 126726802
Test: manual
Change-Id: I7929ffa2f20e5de1c8e68e8263cca99496e9d014
Exempt-From-Owner-Approval: Trivial API annotations
For packages:
android.security
android.service.dreams
android.service.euicc
android.service.vr
android.service.wallpaper
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Merged-In: I1c8ae08f8d3b4b2f5bf365468f22155f8def09fe
Change-Id: I09850a52193a28b0f884cfa01b564c29d25d41ed
For packages:
android.security
android-service.dreams
android.service.euicc
android.service.vr
android.service.wallpaper
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Change-Id: I1c8ae08f8d3b4b2f5bf365468f22155f8def09fe
This is to keep it in sync with response codes in keystore.h.
This commit also adds the KeyPermanentlyInvalidatedException to all the
methods that could receive this error code out of KeyStore.
Bug: 118883532
Test: atest cts/hostsidetests/appsecurity/src/android/appsecurity/cts/AuthBoundKeyTest.java
Change-Id: I878a628824e2eeb639ec5678b1a5d3d10428a918
Merged-In: I878a628824e2eeb639ec5678b1a5d3d10428a918
This is to keep it in sync with response codes in keystore.h.
This commit also adds the KeyPermanentlyInvalidatedException to all the
methods that could receive this error code out of KeyStore.
Bug: 118883532
Test: atest cts/hostsidetests/appsecurity/src/android/appsecurity/cts/AuthBoundKeyTest.java
Change-Id: I878a628824e2eeb639ec5678b1a5d3d10428a918
Previously the framework would accept any key size that was a multiple
of 8 for the KeyGenerator.
Bug: 117509689
Bug: 122274787
Test: atest cts/tests/tests/keystore/src/android/keystore/cts/KeyGeneratorTest.java
Change-Id: I60b52f6062a41ae52486bae0ae36616f4b532b37
Improve the documentation on the case of key override: When a new key is
generated/installed using an alias that already exists.
In particular, clarify that grants are lost and that a new call to
KeyChain.choosePrivateKeyAlias must be issued in this case.
Bug: 123563258
Test: that it builds.
Change-Id: I055e95f57b9576883736ca0cfa6a998dec08a6c2
